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IN THE SPECIFICATION 

In accordance with 37 CFR 1.121(b)(l)(iii)5 Attachment A contains marked up 
versions of the replacement paragraphs illustrating the newly introduced changes in the 
specification. 

riease replace tne paragrapn on page i, startmg on une o, witn trie loilowing 
replacement paragraph. 






This application is a continuation of U.S. Patent Application No. 09/164,606 filed 
October 1, 1998, which in turn claimed priority to U.S. Patent Application No. 08/594,811, 
luea on January ji, lyyo, wnicn in lum ciaimea prioriiy lo me oweaisn Appiicaiion rso. 
9500355-4, filed on February 1, 1995. 






Please renlace the nara^ranh startine on naee 7 line 23 with the following 
replacement paragraph. 






The author also determines the conditions 42 for the usage of the data object 24 by a 
user. The data object 24 and the usage conditions 42 are input to a data packaging program 
19, which creates a secure data package 40 of the data object and of control data which are 
□aseu on me inpux usage conaiiions ^z. unce pacKageu in mis way, me uaia oDjeci can only 
be accessed by a user program 35. 






1 i^cio\^ i^^id^c/ iiiv pcud^idjjii oidiLiii^ pd^c o, iilic 7, Willi iiic luiiuwiiig rcpidL/Ciiiciii 

paragraph. 






The above-mentioned data packaging can be carried out by the author himself by 
means of the data packaging program 19. As an alternative, the author may send his data 
object to a broker, who inputs the data object and the usage conditions determined by the 
author to the data packaging program 19 in order to create a secure package 40. The author 
may also sell his data object to the broker. In that case, the broker probably wants to apply his 
own usage conditions to the data packaging program. The author may also provide the data 
object in a secure package to the broker, who repackages the data object and adds further 
control data which is relevant to his business activities. Various combinations of the above 
alternatives are also conceivable. 
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Please replace the paragraph starting on page 8, line 18, with the following 
replacement paragraph. 



In the user part 2 of the flow diagram, the secure package 40 is received by a user, 
who must use the user program 3 5 in order to unpackage the secure package 40 and obtain the 
data object in a final form 80 for usage. After usage, the data object is repackaged into the 
secure package 40. 



Please replace the paragraph on page 9, starting on line 15, with the following 
replacement paragraph. 



As shown in FIGURE 3, it comprises a program control module 301, a user interface 
module 302, a packaging module 303, a control data creation module 304, an encryption 
module 305, one or more format modules 306, and one or more security modules 307. 



Please replace the paragraph on page 9, starting on line 19, with the following 
replacement paragraph. 



The control module 301 controls the execution of the other modules. The user 
interface module 302 handles interaction with the data object provider. The packaging 
module 303 packages the control data and the data object. It uses the control data creation 
module 304, the format modules 306, the security modules 307 and the encryption module 
305 as will be described more in detail below. 



Please replace the paragraph on page 9, starting on line 24, with the following 
replacement paragraph. 



LAW OFFICES OF 
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The format modules 306 comprise program code, which is required to handle the data 
objects in their native format. They can fiilfiU functions such as data compression and data 
conversion. They can be implemented by any appropriate, commercially available program, 
such as by means of a routine from the PKWARE Inc. Data Compression Library for 
Windows and the Image Alchemy package from Handmade Software Incorporated, 
respectively. They can also be implemented by custom designed programs. 



Please replace the paragraph starting on page 10, line 1, with the following 
replacement paragraph. 
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The security modules 307 comprise program code required to implement security, 
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such as more sophisticated encryption than what is provided by the encryption module 305, 
authorization algorithms, access control and usage control, above and beyond the basic 
security inherent in the data package. 






Please replace the paragraph starting on page 10, line 5, with the following 
replacement paragraph. 

The data packaging program 1 9 can contain many different types of both format and 
security modules. Ihe program control module JOl applies the lormat and security modules 
which are requested by the data provider. 


■ . 

- 






riease replace tne paragrapn starting on page lU, line o, witn tne louowing 
replacement paragraph. 




r 


The encryption module 305 may be any appropriate, commercially available module, 
sucn as ruei^rypi v isuai JDasic suuprogram lounu in L^resceni ooiiware s i^uiCKr oK 
Professional for Windows—FILECRPT.BAS, or a custom designed encryption program. 




r lease replace tne paragrapn starting on page lU, line 12, witn tne loUowing 
replacement paragraph. 




The control data creation module 304 creates the control data for controlling the usage 
01 the data object. An example oi a control data structure will be described more in detail 
below. 






Please replace the paragraph starting on page 10, line 17, with the following 
replacement paragraph. 
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The control data can be stored in a header file and a usage data file. In a preferred 
embodiment, the header file comprises fields to store an object identifier, which uniquely 
identifies the control data and/or its associated data object, a title, a format code, and a 
security code. The format code may represent the format or position of fields in the usage 
data file. Alternatively, the format code may designate one or more format modules to be 
used by the data packaging program or the user program. The security code may represent the 
encryption method used by the encryption module 305 or any security module to be used by 
the data packaging program and the user program. The header file fields will be referred to as 
header elements. 
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Please replace the paragraph starting on page 1 1 , line 1 , with the roUowing 
replacement paragraph. 


■ 


m 
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The header elements and the usage elements are control elements which control all 
operations relating to the usage of the object. The number of control elements is unlimited. 
The data provider may define any number of control elements to represent his predetermined 
conditions of usage of the data object. The only restriction is that the data packaging program 
19 and the user program 35 must have compatible program code to handle all the control 
elements. This program code resides in the packaging module and the usage manager 
module, to be described below. 

Please replace the paragraph starting on page 11, line 8, with the following 
replacement paragraph. 

Control elements can contain data, script or program code which is executed by the 
user program 35 to control usage of the related data object. Script and program code can 
contain conditional statements and the like which are processed v^th the relevant object and 
system parameters on the user's data processor. It would also be possible to use a control 
element to specify a specific proprietary user program which can only be obtained from a 
particular broker. 






Please replace the paragraph on page 11, starting on line 25, with the following 
replacement paragraph. 




* 
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First a data provider creates a data object and saves it to a file, step 401. When the 
data packaging program is started, step 402, the user interface module 302 prompts the data 
object provider to input, step 403, the header information consisting of e.g. an object 
identifier, a title of the data object, a format code specifying any format module to be used for 
converting the format of the data object, and a security code specifying any security module 
to be used for adding further security to the data object. Furthermore, the user interface 
module 302 prompts the data object provider to input usage information, e.g. his conditions 
for the usage of the data object. The usage information may comprise the kind of user who is 
authorized to use the data object, the price for different usages of the object etc. The header 
information and the usage information, which may be entered in the form of predetermined 
codes, is then passed to the control module 301, which calls the packaging module 303 and 
Dasses the information to it 
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Please replace the paragraph on page 12, starting on line 7, with the following 
replacement paragraph. 



The packaging module 303 calls the control data creation module 304 which first 
creates a header file, then creates header data on the basis of the header information entered 
by the data object provider and finally stores the header data, step 404-405. Then a usage data 
file is created, usage data created on the basis of the usage information entered by the data 
provider, and finally the usage data is stored in the usage data file, step 406-407. 



Please replace the paragraph on page 12, starting on line 13, with the following 
replacement paragraph. 

The packaging module 303 then applies any format and security modules 306, 307 
specified in the header file, steps 408-413, to the data object. 



Please replace the paragraph on page 12, starting on line 15, with the following 
replacement paragraph. 



Next, the packaging module 303 concatenates the usage data file and the data object 
and stores the result as a temporary file, step 414. The packaging module 303 calls the 
encryption module 305, which encrypts the temporary file, step 415. The level of security 
will depend somewhat on the quality of the encryption and key methods used. 



Please replace the paragraph on page 12, starting on line 19, with the following 
replacement paragraph. 



Finally, the packaging module 303 concatenates the header file and the encrypted 
temporary file and saves the result as a single file, step 416. This final file is the data package 
which may now be distributed by file transfer over a network, or on storage media such as 
CDROM or diskette, or by some other means. 



Please replace the paragraph on page 13, starting on line 3, with the following 
replacement paragraph. 
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The artist uses some image creation application, such as Adobe's Photoshop to create 
his image. The artist then saves the image to file in an appropriate format for distribution, 
such as the Graphical Interchange Format (GIF). The artist then starts his data packaging 
program and enters an object identifier, a title, a format code and a security code, which in 
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this example are "123166789", "image", "a", and "b", respectively. In this example, the 
format code "a" indicates that no format code need be applied, and this code is selected since 
the GIF format is appropriate and already compressed. Furthermore, the security code "b" 
indicates that no security module need be applied and this code is selected since the security 
achieved by the encryption performed by means of the encryption module 305 is considered 
appropriate by the artist. 



Please replace the paragraph on page 13, starting on line 13, with the following 
replacement paragraph. 



Then the artist enters his dial-up phone number, his price for a single use of the image 
and for unlimited use of the data object, a code for usage types approved, and for number of 
usages approved. For this purpose, the user interface module 302 may display a data entry 
form. 



Please replace the paragraph starting on page 15, line 28, with the following 
replacement paragraph. 



1 



The user set of control data 60, i.e. a set of control data which is adapted to the 
specific user of this example, is created in steps 1001-1003 of FIGURE 10. First, the general 
set of control data 50 stored in the control database is copied to create new control data, step 
1001. Second, a new identifier, here "123166790", which uniquely identifies the user set of 
control data, is stored in the identifier field of the new control data 60, step 1002. Third, the 
data field of the second usage element is updated with the usage purchased, i.e. in this 
example with two, since two viewings of the video were purchased, step 1 003 . 



Please replace the paragraph starting on page 16, line 7, with the following 
replacement paragraph. 
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The user set of control data is stored in the control database 20, step 1004. Then, the 
video, which is stored in the bulk storage 17, is copied, step 1005. The copy of the video is 
concatenated with the user set of control data, step 1006. The security code 0010 specifies 
that the entire data package 40 is to be encrypted and that the user program 35 must contain a 
key which can be applied. Accordingly, the whole data package is encrypted, step 1007. 
Finally, the encrypted data package is stored on a storage media or passed to a network 
program, step 1008, for further transfer to the user. 
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Please replace the paragraph starting on page 17, line 2, with the following 
replacement paragraph. 



The user's data processor, which is shown in Figure 13, is a general or special purpose 
processor, preferably with network capabilities. It comprises a CPU 25, a memory 26, and a 
network adapter 27, which are interconnected by a bus 28. As shown in FIGURE 13, other 
conventional means, such as a display 29, a keyboard 30, a printer 31, a sound system 32, a 
ROM 33, and a bulk storage device 34, may also be connected to the bus 28. The memory 26 
stores network and telecommunications programs 37 and an operating system (OS) 39. All 
the above-mentioned elements are well-known to the skilled person and commercially 
available. For the purpose of the present invention, the memory 26 also stores a user program 
35 and, preferably, a database 36 intended for the control data. Depending upon the current 
operation, a data package 40 can be stored in the memory 26, as shown, or in the bulk storage 
34. 



Please replace the paragraph starting on page 17, line 15, with the following 
replacement paragraph. 



The user program 35 controls the usage of a data object in accordance with the control 
data, which is included in the data package together with the data object. 



Please replace the paragraph starting on page 17, line 17, with the following 
replacement paragraph. 



As shown in Figure 14, the user program 35 comprises a program control module 
1401, a user interface module 1402, a usage manager module 1403, a control data parser 
module 1404, a decryption module 1405, one or more format modules 1406, one or more 
security modules 1407, and a file transfer program 1409. 



Please replace the paragraph starting on page 17, line 30, with the foUov^ng 
replacement paragraph^ 
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The user program 35 can contain many different types of both format and security 
modules. However, they should be complementary with the format and security modules 
used in the corresponding data packaging program. The usage manager module 1401 applies 
the format and security modules which are necessary to use a data object and which are 
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specified in its control data. If the proper format and security modules are not available for a 
particular data object, the usage manager module 1401 will not permit any usage. 






Please replace the paragraph starting on page 18, line 11, with the following 
replacement paragraph. 




A 

• 


The control data parser module 1403 performs the reverse process of the control data 
creation module 304 in FIGURE 3. 






Please replace the paragraph starting on page 18, line 13, with the following 
replacement paragraph. 






The user program 35 can have code which controls use of the program by password or 
by any other suitable method. A password may be added in a password control element 
during packaging of the data object. The password is transferred to the user by registered 
mail or in any other appropriate way. In response to the presence of the password control 
element in the control data structure, the user program prompts the user to input the password. 
The input password is compared with the password in the control data, and if they match, the 
user program continues, otherwise it is disabled. 


■ 




Please replace the paragraph starting on page 18, line 20, with the following 
replacement paragraph. 




• 


The user program 35 can also have procedures which alter the behavior of the program 
(e.g. provide filters for children) according to the control data of the user object 41, It is 
important to mention that the user program 35 never stores the object in native format in user 
accessible storage and that during display of the data object the print screen key is trapped. 






Please replace the paragraph starting on page 19, line 2, with the following 
replacement paragraph. 







The oneration of an embodiment of the user nroeram 35 will now be described with 
reference to the block diagram of FIGURE 14 and the flow diagram of FIGURE 15, 






Please replace the paragraph on pages 19 and 20, starting on line 26, with the 
following replacement paragraph. 
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connection with the enabUng of the usage, the control data may need to be updated, step 1517. 
The control data may for instance comprise a data field indicating a limited number of usages. 
If so, this data field is decremented by one in response to the enabling of the usage. When the 
user has finished usage of the data object, the user program 35 restores the data package in the 
secure form by repackaging it, step 1518. More particularly, the data object and the usage 
elements are reconcatenated and reencrypted. Then the header elements are added and the 
thus-created package is stored in the user's data processor. 



Please replace the paragraph starting on page 20, line 9, with the following 
replacement paragraph. 



0} 
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Assume that a user has found the image at an electronic bulletin board (BBS) and is 
interested in using it. He then loads the data package 40 containing the image to his data 
processor and stores it as a file in the bulk storage. The user then executes the user program 
35 and requests to preview the image. The user program then performs steps 1505-1507 of 
the flow diagram in FIGURE 15. The request for a preview of the image is compared with 
the data field of the usage element "code for usage type approved". In this example, the code 
"9" designates that previews are permitted. Thus, the requested preview is OK. Then, the 
user program 35 performs step 1509-1515 of FIGURE 15. Since the format code "a" and the 
security code "b" of the header data indicate that neither conversion, nor decompression, nor 
security treatment is required, the user program only decrypts the object data. The usage 
manager module 1403 then displays the preview on the user's data processor and passes 
control back to the user interface 1402. 



Please replace the paragraph starting on page 21, line 18, with the following 
replacement paragraph. 



If the data object provider wants to improve the security of a data package containing 
a data object, a security module 307 containing a sophisticated encryption algorithm, such as 
RSA, could be used. In that case the packaging module 303 calls the security module 307 in 
step 412 of the flow diagram of FIGURE 4. The security module encrypts the image and 
passes a security algorithm code to the control data creation module 304, which adds a control 
element for the security module code, which will be detected by the user program 35. Then 
the data packaging continues with step 414. When the data package is sent to the user, the 
public key is mailed to the user by registered mail. When the user program is executed in 
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response to a request for usage of this data object, the usage manager module will detect the 
security module code in the control data and call the security module. This module passes 
control to the user interface module 1402, which requests the user to input the public key. If 
the key is correct, the user security module applies complementary decryption using that key 
and passes a usage approved message to the usage manager module, which enables the usage. 



Please replace the paragraph starting on page 22, line 1, with the following 
replacement paragraph. 



As another example of improved security, a security module may implement an 
authorization process, according to which each usage of the data object requires a dialup to 
the data processor of the data object provider. When the corresponding security module code 
is detected by the user program 35, the relevant security module is called. This module passes 
a request for authorization to the control module 1401, which calls the file transfer program 
1409, which dial the data object provider's dial-up number, which is indicated in a usage 
element and transfers the request for authorization of usage. Upon a granted authorization, 
the data provider's data processor returns a usage approved message to the user security 
module, which forwards the approval to the usage control module, which enables one usage. 
If the user requests further usages of the data object, the authorization process is repeated. 
This procedure results in a permanent data object security. 
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Please replace the paragraph starting on page 22, line 14, with the following 
replacement paragraph. 



A further specific example of how the user program 35 operates will now be described 
with reference to FIGURE 16. The example is a continuation of Example 2 above, where a 
user purchased two viewings of a video film fi:om a broker. 



Please replace the paragraph starting on page 22, line 17, vsdth the following 
replacement paragraph. 



The user wants to play the video which was purchased and transferred from the 
broker. The user applies the user program 35, step 1601, and requests to play the video, step 
1602. The user program 35 step 1601, and requests to play the video, step 1602. The user 
program 35 first examines the user set of control data 60, step 1603. In this example, the user 
program 35 contains only those format and security modules for objects with format code of 
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0010 and with a security code of 0010. Consequently, only those types of data objects may be 
used. If the program encounters other codes it will not enable the usage action, step 1604- 



1605. 



Please replace the paragraph on pages 22 and 23, starting on line 24, with the 
follo wing replacement paragraph. ^ ' 

Next, the user program 35 compares the first control element data which is 1, for the 
educational users only, to user information entered by the user on request of the user program. 
Since the user type entered by the user is the same as that indicated in the first usage element 
the process continues, steps 1606-1607. Then the user program checks the second control 
element data which specifies that the number of plays purchased is 2. Consequently, the 
usage is enabled, step 1609. The user program applies the decryption module with the 
universal key and the AVI format video is displayed on the display unit 29. Then, the second 
control element data is decremented by one, step 1610. Finally, the video is repackaged, step 
1611. Proceeding to a state 1699, the user program returns to its initial state to process further 
requests from the user. 



Please replace the paragraph starting on page 23, line 4, with the following 
replacement paragraph. • 

Object control is achieved through the interaction of the data packaging program 19 
and the usage program 35 with the control data. Variation of object control can be applied to 
a particular object by creating a control data format with control elements defining the control 
variation and the circumstances in which the variation is applied. Program procedures should 
then be added to program modules to process the control elements. For example, suppose a 
broker wants to allow students to print a particular article for free but require business users to 
pay for it. He defines control elements to represent the user types student and business and 
the associated costs for each. He then adds program logic to examine the user type and 
calculate costs accordingly. Object control is extensible in the sense that the control data 
format can have as many elements as there are parameters defining the rules for object 
conliQ] 
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Please replace the paragraph on pages 23 and 24, starting on line 17, with the 
following replacement paragraph. 

Object security is also achieved through the interaction of the data packaging program 
19 and the user program 35 with the control data. Security process and encryption/decryption 
algorithms can be added as program modules. Variation of object security can be applied to a 
particular object by creating a control data format with control elements defining the security 
variation and the circumstances in which the variation is applied. Program procedures should 
be added to program modules to process the control elements. For example, suppose a broker 
wants to apply minimal security to his collection of current news articles but to apply tight 
security to his encyclopedia and text books. He defines a control element for security type. 
He then adds program logic to apply the security algorithms accordingly. Object security is 
extensible in the sense that multiple levels of security can be applied. The level of security 
will of course be dependent on the encryption/key method which is implemented in the 
security modules. One level of security may be to require on-line confirmation when loading 
a data object to the user's data processor. This can be implemented in program code in a 
security module. This permits the broker to check that the object has not already been loaded 
as well as double check all other parameters. 
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